package com.gaojinqi.sys.core.shiro.realm;

import com.gaojinqi.base.common.util.JsonUtil;
import com.gaojinqi.sys.core.shiro.token.JwtToken;
import com.gaojinqi.sys.core.shiro.util.JwtTokenHelper;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;

/**
 * Jwt Realm
 *
 * @author gaojinqi
 * @version 1.0
 * @since 2020年05月12日
 */
@Slf4j
public class JwtRealm extends AuthorizingRealm {

    @Autowired
    private JwtTokenHelper jwtTokenHelper;

    /**
     * 认证
     */
    @Override
    public AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        String jwt = (String) authenticationToken.getCredentials();
        if (jwt == null) {
            throw new AuthenticationException("登录令牌不存在");
        }
        String subject = (String) authenticationToken.getPrincipal();
        if (subject == null) {
            throw new AuthenticationException("登录令牌无效");
        }
        SimpleAuthenticationInfo authenticationInfo =
                new SimpleAuthenticationInfo(jwt, subject, getName());
        if (log.isDebugEnabled()) {
            log.debug("认证配置-->{}.doGetAuthenticationInfo()，authenticationInfo = {}",
                    this.getClass().getName(), JsonUtil.toJSONString(authenticationInfo));
        }
        return authenticationInfo;
    }

    /**
     * 授权
     */
    @Override
    public AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        String jwt = (String) principalCollection.getPrimaryPrincipal();
        // 设置角色
        authorizationInfo.addRoles(jwtTokenHelper.getRoles(jwtTokenHelper.getClaims(jwt)));

        // 设置权限 可能没使用
        authorizationInfo.addStringPermissions(jwtTokenHelper.getPerms(jwtTokenHelper.getClaims(jwt)));
        if (log.isDebugEnabled()) {
            log.debug("授权配置-->{}.doGetAuthorizationInfo()，authorizationInfo = {}",
                    this.getClass().getName(), JsonUtil.toJSONString(authorizationInfo));
        }
        return authorizationInfo;
    }

    @Override
    public Class<?> getAuthenticationTokenClass() {
        return JwtToken.class;
    }

//    /**
//     * 清空当前登录所有缓存
//     */
//    public void clearRealmCache() {
//        PrincipalCollection principals = SecurityUtils.getSubject().getPrincipals();
//        super.clearCache(principals);
//    }
//
//    /**
//     * 清空当前登录用户信息
//     */
//    public void clearAuthenticationInfoCache() {
//        PrincipalCollection principals = SecurityUtils.getSubject().getPrincipals();
//        super.clearCachedAuthenticationInfo(principals);
//    }
//
//    /**
//     * 清空当前登录用户的角色权限信息
//     */
//    public void clearAuthorizationCache() {
//        PrincipalCollection principals = SecurityUtils.getSubject().getPrincipals();
//        super.clearCachedAuthorizationInfo(principals);
//    }
//
//    /**
//     * 清空他人角色权限信息
//     */
//    public static void clearOtherAuthorizationCache(JwtRealm shiroRealm, String username) {
//        Subject subject = SecurityUtils.getSubject();
//        String realmName = subject.getPrincipals().getRealmNames().iterator().next();
//        //第一个参数为用户名,第二个参数为realmName
//        SimplePrincipalCollection principals = new SimplePrincipalCollection(username, realmName);
//        subject.runAs(principals);
//        shiroRealm.getAuthorizationCache().remove(subject.getPrincipals());
//        subject.releaseRunAs();
//    }

}
